Bogus Web Journals Used As Trap

According to a report today from BBC Tech News.

It is being reported that hackers are attempting to add dangerous code to certain blog sites. Consequently some net surfers, if they are using unpatched Windows operating systems when visiting these blogs, could quite possibly end up with malicious programs such as keyloggers or other malware on their computers.

Filtering firm Websense said it had found hundreds of bogus blogs baited with all kinds of malicious software to snare the unwary.

Websense warned that the baited blogs could get past traditional security measures that try to protect people from malicious programs.

According to Websense, they had looked at some examples where hackers are creating legitimate looking weblogs, adding viral code or keylogging software to the page and then passing on the blog address on via spam or instant messenger

"These aren't the kind of blog websites that someone would stumble upon and infect their machine accidentally," said Dan Hubbard, Websense's research director. "The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link."

In order to protect yourself when surfing new or unknown blogs, use the same precautions computer users should always employ. Do not read unsolicited messages received via IM or e-mail. Keep you Windows patches and your AV applications up to date, and install an anti-spyware product on your computer. Personally, I recommend using more than one anti-spyware application since very often one will identify and clean an object where the other may miss it.

Users were urged to keep anti-virus and patches up to date, regularly scan machines with anti-spyware products and exercise caution when reading unsolicited messages sent via e-mail or instant messenger.

MORE.....